DETAILED ACTION

Remarks 

1. In response to communications filed on 13-December-2004, claims 1, 15, 29, and 40 are 
amended per applicant's request. Claims 1-50 are presently pending in the application. 

Claim Rejections - 35 USC §103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

3. Claims 1, 6, 8-9, 15, 20, 22-23, 29, 33, 35, 40, 44, and 46 are rejected under 35 U.S.C. 
103(a) as being unpatentable over Anderl et al. (International Publication No. 87/07062) in view 
of Smith (U.S. patent No. 4,9563,769). 

As to claim 1, Anderl et al. teaches a portable security system for managing access to a
portable data storage cartridge, the data storage cartridge having data storage media for storing 
data for read/write access by a user of a data storage drive when mounted in the data storage 
drive (see abstract), the portable security system comprising: 

a wireless interface mounted in the portable data storage cartridge for receiving power 
and data from, and sending data to, the data storage drive when mounted in the data storage drive 
(see page 5, line 31 through page 6, line 23); and 

a computer processor mounted in the portable data storage cartridge and coupled to the
wireless interface (see figure 1, reference numbers 110, 120, and 130); the computer processor
powered by the wireless interface and receiving and transmitting data to the data storage drive 
via the wireless interface (see page 5, line 31 through page 6, line 23); the computer processor 
receiving the user authentication messages from the data storage drive via the wireless interface, 
and transmitting the user authorization or denial to the data storage drive via the wireless 
interface (see page 10, lines 19-26). 

Anderl et al. does not teach the computer processor having a user table comprising at 
least a unique user identifier for each authorized user and at least one permitted activity the user 
is authorized to conduct with respect to the data storage media, the user identifier, when 
combined with a user authentication message from the authorized user in accordance with a 
predetermined algorithm, authorizes the user; and combining the user authentication message 
with at least part of the user identifier from the user table in accordance with the predetermined 
algorithm to authorize or deny the user activity. 

Smith teaches a security system for computer databases (see abstract), in which he 
teaches the computer processor having a user table comprising at least a unique user identifier 
for each authorized user and at least one permitted activity the user is authorized to conduct with 
respect to the data storage media (see column 2, lines 11-17), the user identifier, when combined 
with a user authentication message from the authorized user in accordance with a predetermined 
algorithm, authorizes the user (see column 5, lines 9-14 and see figure 1); and combining the 
user authentication message with at least part of the user identifier from the user table in 
accordance with the predetermined algorithm to authorize or deny the user activity (see column
5, lines 9-14 and see figure 1). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Anderl et al. to include the computer processor 
having a user table comprising at least a unique user identifier for each authorized user and at 
least one permitted activity the user is authorized to conduct with respect to the data storage 
media, the user identifier, when combined with a user authentication message from the 
authorized user in accordance with a predetermined algorithm, authorizes the user; and 
combining the user authentication message with at least part of the user identifier from the user 
table in accordance with the predetermined algorithm to authorize or deny the user activity. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Anderl et al. by the teachings of Smith because the 
computer processor having a user table comprising at least a unique user identifier for each 
authorized user and at least one permitted activity the user is authorized to conduct with respect 
to the data storage media, the user identifier, when combined with a user authentication message 
from the authorized user in accordance with a predetermined algorithm, authorizes the user; and 
combining the user authentication message with at least part of the user identifier from the user 
table in accordance with the predetermined algorithm to authorize or deny the user activity 
would limit the access of selected users to pre-selected locations which they are authorized to 
access (see Smith, column 1, lines 7-12).

As to claim 15, Anderl et al. teaches a data storage cartridge for storing data for
read/write access by a user of a data storage drive when mounted in the data storage drive (see 
abstract), comprising: 

data storage media mounted in the data storage cartridge for storing the data for the 
read/write access (see figure 1, reference number 115); a wireless interface mounted in the
portable data storage cartridge for receiving power and data from, and sending data to, the data 
storage drive when mounted in the data storage drive (see page 5, line 31 through page 6, line 
23); and 

a computer processor mounted in the portable data storage cartridge and coupled to the
wireless interface (see figure 1, reference numbers 110, 120, and 130); the computer processor
powered by the wireless interface and receiving and transmitting data to the data storage drive 
via the wireless interface (see page 5, line 31 through page 6, line 23); the computer processor 
receiving the user authentication messages from the data storage drive via the wireless interface, 
and transmitting the user authorization or denial to the data storage drive via the wireless 
interface (see page 10, lines 19-26). 

Anderl et al. does not teach the computer processor having a user table comprising at
least a unique user identifier for each authorized user and at least one permitted activity the user 
is authorized to conduct with respect to the data storage media, the user identifier, when 
combined with a user authentication message from the authorized user in accordance with a 
predetermined algorithm, authorizes the user; and combining the user authentication message 
with at least part of the user identifier from the user table in accordance with the predetermined 
algorithm to authorize or deny the user activity. 

Smith teaches the computer processor having a user table comprising at least a unique
user identifier for each authorized user and at least one permitted activity the user is authorized 
to conduct with respect to the data storage media (see column 2, lines 11-17), the user identifier, 
when combined with a user authentication message from the authorized user in accordance with 
a predetermined algorithm, authorizes the user (see column 5, lines 9-14 and see figure 1); and 
combining the user authentication message with at least part of the user identifier from the user 
table in accordance with the predetermined algorithm to authorize or deny the user activity (see 
column 5, lines 9-14 and see figure 1). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Anderl et al. to include the computer processor 
having a user table comprising at least a unique user identifier for each authorized user and at
least one permitted activity the user is authorized to conduct with respect to the data storage 
media, the user identifier, when combined with a user authentication message from the 
authorized user in accordance with a predetermined algorithm, authorizes the user; and 
combining the user authentication message with at least part of the user identifier from the user 
table in accordance with the predetermined algorithm to authorize or deny the user activity. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Anderl et al. by the teachings of Smith because the 
computer processor having a user table comprising at least a unique user identifier for each 
authorized user and at least one permitted activity the user is authorized to conduct with respect 
to the data storage media, the user identifier, when combined with a user authentication message 
from the authorized user in accordance with a predetermined algorithm, authorizes the user; and 
combining the user authentication message with at least part of the user identifier from the user
table in accordance with the predetermined algorithm to authorize or deny the user activity 
would limit the access of selected users to pre-selected locations which they are authorized to 
access (see Smith, column 1, lines 7-12).

As to claim 29, Anderl et al. teaches a method for providing a portable secure interface to 
a data storage cartridge (see abstract, where it is inherent that "a method for providing a portable 
secure interface to a data storage cartridge" is disclosed in "a portable data carrier system" that 
does not provide information of particular applications or file structure to its users), the data 
storage cartridge having data storage media for storing data for read/write access by a user of a 
data storage drive when mounted in the data storage drive (see figure 1, reference number 115),
and a wireless interface mounted in the portable data storage cartridge for receiving power and 
data from, and sending data to, the data storage drive when mounted in the data storage drive 
(see page 5, line 31 through page 6, line 23), the method comprising the steps of: 

receiving the user authentication messages from the data storage drive via the wireless 
interface; and transmitting the user authorization or denial to the data storage drive via the 
wireless interface (see page 10, lines 19-26). 

Anderl et al. does not teach the data storage cartridge having a user table comprising at 
least a unique user identifier for each authorized user and at least one permitted activity the user 
is authorized to conduct with respect to the data storage media, the user identifier, when 
combined with a user authentication message from the authorized user in accordance with a 
predetermined algorithm, authorizes the user; and combining the user authentication message 
with at least part of the user identifier from the user table in accordance with the predetermined
algorithm to authorize or deny the user activity. 

Smith teaches the data storage cartridge having a user table comprising at least a unique 
user identifier for each authorized user and at least one permitted activity the user is authorized 
to conduct with respect to the data storage media (see column 2, lines 11-17), the user identifier,
when combined with a user authentication message from the authorized user in accordance with 
a predetermined algorithm, authorizes the user (see column 5, lines 9-14 and see figure 1); and 
combining the user authentication message with at least part of the user identifier from the user 
table in accordance with the predetermined algorithm to authorize or deny the user activity (see 
column 5, lines 9-14 and see figure 1). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Anderl et al. to include the data storage cartridge 
having a user table comprising at least a unique user identifier for each authorized user and at 
least one permitted activity the user is authorized to conduct with respect to the data storage 
media, the user identifier, when combined with a user authentication message from the 
authorized user in accordance with a predetermined algorithm, authorizes the user; and 
combining the user authentication message with at least part of the user identifier from the user 
table in accordance with the predetermined algorithm to authorize or deny the user activity. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Anderl et al. by the teachings of Smith because the data 
storage cartridge having a user table comprising at least a unique user identifier for each 
authorized user and at least one permitted activity the user is authorized to conduct with respect 
to the data storage media, the user identifier, when combined with a user authentication message
from the authorized user in accordance with a predetermined algorithm, authorizes the user; and 
combining the user authentication message with at least part of the user identifier from the user 
table in accordance with the predetermined algorithm to authorize or deny the user activity 
would limit the access of selected users to pre-selected locations which they are authorized to 
access (see Smith, column 1, lines 7-12).

As to claim 40, Anderl et al. teaches a computer program product usable with a
programmable computer processor having computer readable program code embodied therein
for providing a secure interface to a data storage cartridge (see abstract), the programmable
computer processor mounted in the data storage cartridge (see figure 1, reference number 110),
the data storage cartridge having data storage media for storing data for read/write access by a
user of a data storage drive when mounted in the data storage drive (see figure 1, reference
number 115), and a wireless interface mounted in the portable data storage cartridge for
receiving power and data from, and sending data to, the data storage drive when mounted in the
data storage drive (see page 5, line 31 through page 6, line 23), the computer program product
comprising: 

computer readable program code which causes the programmable computer processor to 
receive the user authentication messages from the data storage drive via the wireless interface; 
and computer readable program code which causes the programmable computer processor to 
transmit the user authorization or denial to the data storage drive via the wireless interface (see 
page 10, lines 19-26). 

Anderl et al. does not teach computer readable program code which causes the
programmable computer processor to provide a user table comprising at least a unique user 
identifier for each authorized user and at least one permitted activity the user is authorized to 
conduct with respect to the data storage media, the user identifier, when combined with a user 
authentication message from the authorized user in accordance with a predetermined algorithm, 
authorizes the user; and combine the user authentication message with at least part of the user 
identifier from the user table in accordance with the predetermined algorithm to authorize or 
deny the user activity. 

Smith teaches computer readable program code which causes the programmable 
computer processor to provide a user table comprising at least a unique user identifier for each 
authorized user and at least one permitted activity the user is authorized to conduct with respect 
to the data storage media (see column 2, lines 11-17), the user identifier, when combined with a 
user authentication message from the authorized user in accordance with a predetermined 
algorithm, authorizes the user (see column 5, lines 9-14 and see figure 1); and computer readable 
program code which causes the programmable computer processor to combine the user 
authentication message with at least part of the user identifier from the user table in accordance 
with the predetermined algorithm to authorize or deny the user activity (see column 5, lines 9-14 
and see figure 1). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Anderl et al. to include computer readable 
program code which causes the programmable computer processor to provide a user table 
comprising at least a unique user identifier for each authorized user and at least one permitted 



Application/Control Number: 09/435,899 Page 11

Art Unit: 2164 

activity the user is authorized to conduct with respect to the data storage media, the user 
identifier, when combined with a user authentication message from the authorized user in 
accordance with a predetermined algorithm, authorizes the user; and computer readable program 
code which causes the programmable computer processor to combine the user authentication 
message with at least part of the user identifier from the user table in accordance with the 
predetermined algorithm to authorize or deny the user activity. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Anderl et al. by the teachings of Smith because computer 
readable program code which causes the programmable computer processor to provide a user 
table comprising at least a unique user identifier for each authorized user and at least one 
permitted activity the user is authorized to conduct with respect to the data storage media, the 
user identifier, when combined with a user authentication message from the authorized user in 
accordance with a predetermined algorithm, authorizes the user; and computer readable program 
code which causes the programmable computer processor to combine the user authentication 
message with at least part of the user identifier from the user table in accordance with the 
predetermined algorithm to authorize or deny the user activity would limit the access of selected 
users to pre-selected locations which they are authorized to access (see Smith, column 1, lines 1-
12). 



As to claims 6, 20, and 44, Anderl et al. as modified, teaches wherein the computer 
processor user table permitted activities comprise a plurality of permitted activities, selected ones 
of which each of the users may be authorized to conduct, the permitted activities comprising 1) 
read access to data stored in the data storage media, 2) write access to data stored in the data
storage media (see Smith, column 4, lines 59-66), 3) read the user entry of the user table, 4) read
all entries of the user table, 5) add entries to the user table, and 6) change/delete entries to the
user table (see Smith, column 3, line 62 through column 4, line 14).

As to claims 8, 22, and 46, Anderl et al. as modified, teaches wherein the computer 
processor user table comprises a separate entry for each the user identifier, the entry comprising 
all the permitted activities the user is authorized to conduct (see Smith, column 2, lines 11-17).

As to claims 9 and 23, Anderl et al. as modified, teaches wherein the computer processor
additionally comprises a nonvolatile memory storing the user table (see Anderl et al., page 11,
lines 21-26).

As to claim 33, Anderl et al. as modified, teaches wherein the user table comprises a
plurality of the permitted activities, selected ones of which each of the users may be authorized 
to conduct, the permitted activities comprising 1) read access to data stored in the data storage 
media, 2) write access to data stored in the data storage media (see Smith column 4, lines 59-66), 
3) read the user entry of the user table, 4) read all entries of the user table, 5) add entries to the 
user table, and 6) change/delete entries to the user table; and wherein the transmitting step 
comprises transmitting authorization to conduct the selected the user permitted activities the user 
is authorized to conduct (see Smith, column 3, line 62 through column 4, line 14).

As to claim 35, Anderl et al. as modified, teaches wherein the step of providing the user
table comprises a separate entry for each the user identifier, the entry comprising all the
permitted activities the user is authorized to conduct; and wherein the transmitting step
additionally comprises identifying the user permitted activities from the user separate entry (see
Smith, column 2, lines 11-17).

4. Claims 2 and 16 are rejected under 35 U.S.C. 103(a) as being unpatentable over Anderl et
al. (International Publication No. 87/07062) in view of Smith (U.S. patent No. 4,9563,769) as
applied to claims 1, 6, 8-9, 15, 20, 22-23, 29, 33, 35, 40, 44, and 46 above, and further in view of 
Davis (U.S. patent No. 4,941,201). 

As to claims 2 and 16, Anderl et al. as modified, does not teach wherein the wireless 
interface comprises an RF interface. 

Davis teaches an electronic data storage apparatus (see abstract), in which he teaches 
wherein the wireless interface comprises an RF interface (see column 5, lines 55-61 and see 
column 21, lines 31-46, where 100 kHz is in the RF range of the Electromagnetic Spectrum). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Anderl et al. as modified, to include wherein the 
wireless interface comprises an RF interface. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Anderl et al. as modified, by the teachings of Davis 
because wherein the wireless interface comprises an RF interface would make the propagation
delay between the outputs of the inverters 5 microseconds (see Davis, column 21, lines 39-46).

5. Claims 3-5, 17-19, 30-31, and 41-43 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Anderl et al. (International Publication No. 87/07062) in view of Smith (U.S. 
patent No. 4,9563,769) as applied to claims 1, 6, 8-9, 15, 20, 22-23, 29, 33, 35, 40, 44, and 46 
above, and further in view of Wright et al. (U.S. patent No. 6,084,969). 

As to claims 3, 17, 30, and 41, Anderl et al. as modified, does not teach wherein each the 
user identifier comprises a user symbol and a user decrypting key, wherein the user 
authentication message comprises an encrypted user authentication message which may be 
decrypted by the user decrypting key, and wherein the computer processor conducts the 
combination by decrypting the user authentication message by the user decrypting key. 

Wright et al. teaches an encryption system for a two way pager (see abstract), in which he 
teaches wherein each the user identifier comprises a user symbol and a user decrypting key (see 
column 11, line 65 through column 12, line 5), wherein the user authentication message 
comprises an encrypted user authentication message which may be decrypted by the user 
decrypting key, and wherein the computer processor conducts the combination by decrypting the 
user authentication message by the user decrypting key (see column 12, lines 5-13). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Anderl et al. as modified, to include wherein each
the user identifier comprises a user symbol and a user decrypting key, wherein the user 
authentication message comprises an encrypted user authentication message which may be
decrypted by the user decrypting key, and wherein the computer processor conducts the 
combination by decrypting the user authentication message by the user decrypting key. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Anderl et al. as modified, by the teachings of Wright et al. 
because wherein each the user identifier comprises a user symbol and a user decrypting key, 
wherein the user authentication message comprises an encrypted user authentication message 
which may be decrypted by the user decrypting key, and wherein the computer processor 
conducts the combination by decrypting the user authentication message by the user decrypting 
key would authenticate the sender and protect the contents of the message (see Wright et al.,
column 9, lines 51-56). 

As to claims 4, 18, 31, and 42, Anderl et al. as modified, teaches wherein the user 
decrypting key comprises a sender public key, and wherein the predetermined algorithm 
comprises a public key cryptographic algorithm (see Wright et al., column 12, lines 5-13).

As to claims 5 and 19, Anderl et al. as modified, teaches wherein the user authentication
message is encrypted by a sender private key and a receiver public key (see Wright et al., column
9, lines 51-56), and wherein the public key cryptographic algorithm decrypts the user
authentication message employing a receiver private key and the sender public key, whereby the
user authentication message is known to have come from the user (see Wright et al., column 12,
lines 5-13).

As to claims 32 and 43, Anderl et al. as modified, teaches wherein the user authentication
message is encrypted by a sender private key and a receiver public key (see Wright et al., column
9, lines 51-56), wherein the public key cryptographic algorithm decrypts the user authentication 
message employing a receiver private key and the sender public key, and wherein the combining 
step comprises decrypting the user authentication message by the receiver private key and the 
sender public key, whereby the user authentication message is known to have come from the user 
(see Wright et al., column 12, lines 5-13).

6. Claims 7, 10-13, 21, 24-27, 34, 36-38, 45, and 47-49 are rejected under 35 U.S.C. 103(a) as
being unpatentable over Anderl et al. (International Publication No. 87/07062) in view of Smith
(U.S. patent No. 4,9563,769) as applied to claims 1, 6, 8-9, 15, 20, 22-23, 29, 33, 35, 40, 44, and 
46 above, and further in view of Bapat et al. (U.S. patent No. 6,038,563). 

As to claims 7, 21, and 45, Anderl et al. as modified, does not teach wherein the 
computer processor user table comprises a separate entry for each the user identifier and the 
permitted activity the user is authorized to conduct. 

Bapat et al. teaches access control to a database using a permissions table (see abstract), 
in which he teaches wherein the computer processor user table comprises a separate entry for 
each the user identifier and the permitted activity the user is authorized to conduct. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Anderl et al. as modified, to include wherein the 
computer processor user table comprises a separate entry for each the user identifier and the
permitted activity the user is authorized to conduct. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Anderl et al. as modified, by the teachings of Bapat et al. 
because wherein the computer processor user table comprises a separate entry for each the user 
identifier and the permitted activity the user is authorized to conduct would give a way to grant 
or deny access to certain users (see Bapat et al., column 11, lines 4-7).

As to claims 10, 24, 36, and 47, Anderl et al. as modified, teaches receiving the user 
authentication messages from the data storage drive via the wireless interface, and transmitting 
the class authorization or denial to the data storage drive via the wireless interface (see Anderl et
al., page 12, lines 7-15, and see figure 7).

Anderl et al. as modified, does not teach wherein the computer processor additionally 
comprises a class table comprising at least a unique class identifier for each authorized class of 
users and at least one permitted activity the class of users is authorized to conduct with respect to 
the data storage media, the class identifier, when combined with a user authentication message 
from a user of the authorized class of users in accordance with the predetermined algorithm, 
authorizes the user; and wherein the computer processor additionally, upon receiving the user 
authentication messages, combining the user authentication message with the class identifier 
from the class table in accordance with the predetermined algorithm to authorize or deny the 
class activity to the user, and transmitting the class authorization or denial. 

Bapat et al. teaches wherein the computer processor additionally comprises a class table
comprising at least a unique class identifier for each authorized class of users and at least one 
permitted activity the class of users is authorized to conduct with respect to the data storage 
media, the class identifier (see column 10, lines 35-47), when combined with a user 
authentication message from a user of the authorized class of users in accordance with the 
predetermined algorithm, authorizes the user (see figure 5); and wherein the computer processor 
additionally, upon receiving the user authentication messages, combining the user authentication 
message with the class identifier from the class table in accordance with the predetermined 
algorithm to authorize or deny the class activity to the user, and transmitting the class 
authorization or denial (see figure 6). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Anderl et al. as modified, to include wherein the
computer processor additionally comprises a class table comprising at least a unique class
identifier for each authorized class of users and at least one permitted activity the class of users is
authorized to conduct with respect to the data storage media, the class identifier, when combined
with a user authentication message from a user of the authorized class of users in accordance
with the predetermined algorithm, authorizes the user; and wherein the computer processor
additionally, upon receiving the user authentication messages, combining the user authentication 
message with the class identifier from the class table in accordance with the predetermined 
algorithm to authorize or deny the class activity to the user, and transmitting the class 
authorization or denial. 

It would have been obvious to a person having ordinary skill in the art at the time the
invention was made to have modified Anderl et al. as modified, by the teachings of Bapat et al.
because wherein the computer processor additionally comprises a class table comprising at least 
a unique class identifier for each authorized class of users and at least one permitted activity the 
class of users is authorized to conduct with respect to the data storage media, the class identifier, 
when combined with a user authentication message from a user of the authorized class of users in 
accordance with the predetermined algorithm, authorizes the user; and wherein the computer 
processor additionally, upon receiving the user authentication messages, combining the user 
authentication message with the class identifier from the class table in accordance with the 
predetermined algorithm to authorize or deny the class activity to the user, and transmitting the 
class authorization or denial would make an easy way to define a set of access rules to grant 
access rights to a broad group of users (see Bapat et al., column 11, lines 56-59) and would help 
to reduce the amount of data required to define access rules (see Bapat et al., column 9, lines 48-50). 

As to claims 11, 25, 37, and 48, Anderl et al. as modified, teaches wherein the computer 
processor user table additionally comprises any class membership of each the user (see Bapat et 
al., column 10, lines 4-10), wherein the user may be authorized with respect to the class table 
either by the class authorization or by the user authorization (see Bapat et al., figure 15A). 



Application/Control Number: 09/435,899 Page 20 

Art Unit: 2164 

As to claims 12, 26, and 49, Anderl et al., as modified, teaches wherein the computer 
processor user table and the class table permitted activities comprise a plurality of permitted 
activities, selected ones of which each of the users may be authorized to conduct, the permitted 
activities comprising 1) read access to data stored in the data storage media, 2) write access to 
data stored in the data storage media, 3) read all entries of the class table, 4) add entries to the 
class table, and 5) change/delete entries to the class table (see Bapat et al., column 10, lines 35-47). 

As to claims 13 and 27, Anderl et al., as modified, teaches wherein the computer 
processor additionally comprises a nonvolatile memory storing the user table (see Anderl et al., 
page 11, lines 14-26) and the class table (see Bapat et al., column 7, lines 18-24). 

As to claim 34, Anderl et al. as modified, does not teach wherein the user table comprises 
a separate entry for each the user identifier and the permitted activity the user is authorized to 
conduct; and wherein the transmitting step additionally comprises identifying the user permitted 
activities from the separate entries. 

Bapat et al. teaches wherein the user table comprises a separate entry for each the user 
identifier and the permitted activity the user is authorized to conduct; and wherein the 
transmitting step additionally comprises identifying the user permitted activities from the 
separate entries (see column 10, lines 35-47). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Anderl et al. as modified, to include wherein the 
user table comprises a separate entry for each the user identifier and the permitted activity the 
user is authorized to conduct; and wherein the transmitting step additionally comprises 
identifying the user permitted activities from the separate entries. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Anderl et al. as modified, by the teachings of Bapat et al. 
because wherein the user table comprises a separate entry for each the user identifier and the 
permitted activity the user is authorized to conduct; and wherein the transmitting step 
additionally comprises identifying the user permitted activities from the separate entries would 
give a way to grant or deny access to certain users (see Bapat et al., column 11, lines 4-7). 

As to claim 38, Anderl et al. as modified, teaches wherein the user table and the class 
table comprise a plurality of permitted activities, selected ones of which each of the users may be 
authorized to conduct, the permitted activities comprising 1) read access to data stored in the data 
storage media, 2) write access to data stored in the data storage media, 3) read all entries of the 
class table, 4) add entries to the class table, and 5) change/delete entries to the class table; and 
wherein the transmitting step comprises transmitting authorization to conduct the selected the 
user and the class permitted activities the user is authorized to conduct (see Bapat et al., column 
10, lines 35-47). 

7. Claims 14, 28, 39, and 50 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Anderl et al. (International Publication No. 87/07062) in view of Smith (U.S. patent No. 
4,9563,769) as applied to claims 1, 6, 8-9, 15, 20, 22-23, 29, 33, 35, 40, 44, and 46 above, and 
further in view of Hastings et al. (U.S. patent No. 6,370,629 B1). 

As to claims 14, 28, 39, and 50, Anderl et al. as modified, teaches wherein the computer 
processor user table permitted activities comprise at least 1) read access to data stored in the data 
storage media (see Smith, column 4, lines 59-66). 

Anderl et al. as modified, does not teach wherein the data stored in the data storage media 
is encrypted, and wherein the user authorization for the read access additionally comprises a 
decryption key for the encrypted stored data. 

Hastings et al. teaches giving access to information based on time and geographic 
position (see abstract), in which he teaches wherein the data stored in the data storage media is 
encrypted (see column 3, line 63 through column 4, line 4), and wherein the user authorization 
for the read access additionally comprises a decryption key for the encrypted stored data (see 
column 5, lines 52-61). 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Anderl et al. as modified, to include wherein the 
data stored in the data storage media is encrypted, and wherein the user authorization for the read 
access additionally comprises a decryption key for the encrypted stored data. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Anderl et al. as modified, by the teachings of Hastings et 
al. because wherein the data stored in the data storage media is encrypted, and wherein the user 
authorization for the read access additionally comprises a decryption key for the encrypted stored 
data would keep an unauthorized user from accessing the files (see Hastings et al., column 5, 
lines 52-61). 

Declaration Under 37 CFR 1.132 

8. The declaration under 37 CFR 1.132 filed 13-December-2005 is insufficient to overcome 
the rejection of claims 1-50 based upon 35 U.S.C. 103(a) as set forth in the last Office action 
because: 

It refers only to the system described in the above referenced application and not to the 
individual claims of the application. Thus, there is no showing that the objective evidence of 
nonobviousness is commensurate in scope with the claims. See MPEP § 716. 

Response to Arguments 

9. Applicant's arguments filed on 13-December-2004 with respect to rejected claims have 
been considered but are not deemed persuasive. 

In response to applicant's arguments against the references individually, one cannot show 
nonobviousness by attacking references individually where the rejections are based on 
combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re 
Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). 

In response to the applicant's arguments that Anderl et al. and Smith do not teach the 
applicant's claimed limitations "unique user identifier for each authorized user" and "the user 
identifier, when combined with a user authentication message from the authorized user in 
accordance with a predetermined algorithm, authorizes the user", the arguments have been fully 
considered but are not deemed persuasive. Anderl et al. as modified by Smith in the office 
action teaches a unique user identifier for each authorized user. As seen in Smith column 2, 
lines 11-17, Smith discloses a table having "a first entry identifying the user". Further, Anderl et 
al. as modified in the office action also discloses "the user identifier, when combined with a user 
authentication message from the authorized user in accordance with a predetermined algorithm, 
authorizes the user". This can be seen in column 5, lines 9-14 of Smith and in figure 1 of Smith. 
Both of these sections of Smith disclose the user signing onto a database and becoming 
authenticated. Column 5 further discloses parsing the system sign-on by the user and extracting 
a unique user identification symbol; this symbol is then used to determine what operations the 
user is permitted to perform. It is obvious to one of ordinary skill in the art that a system sign-on 
would include using both the user identifier and a password, "authentication message". 

In response to the applicant's arguments that Anderl et al. and Smith do not teach the 
applicant's claimed limitation "said computer processor user table permitted activities comprise 
a plurality of permitted activities, selected ones of which each of said users may be authorized to 
conduct, said permitted activities comprising *** 5) add entries to said user table, and 6) 
change/delete entries to said user table" the arguments have been fully considered but are not 
deemed persuasive. Anderl et al. as modified by Smith discloses in column 3, line 62 through 
column 4, line 14 of Smith a security administrator position that has the ability to define access 
privileges of users by the use of profiles and data access tables. Given that the security 
administrator position would be one of the users, it is inherent that one of the permitted activities 
given to this user would be to add entries to the user table and to change and delete entries to the 
user table in order for the security administrator to define the user roles. 

In response to the applicant's arguments that "a fundamental distinguishing difference 
exists between the 'designated levels of interaction' of Anderl et al. and the present '899 
Application's 'at least one unique user identifier for each authorized user'", the arguments have 
been fully considered but are not deemed persuasive. The Anderl et al. reference cannot be taken 
alone when considering this feature of the invention since Anderl et al. was modified by Smith to 
disclose "at least one unique user identifier for each authorized user". 

In response to the applicant's arguments that Davis "shows nothing directed to a user 
identifier", the arguments have been fully considered but are not deemed persuasive because 
Davis is only used to modify Anderl et al. to include that the wireless interface is an RF interface as 
claimed in claim 2. Anderl et al. does not disclose the frequency that the wireless interface 
operates at. Davis is used to show that operating at RF is obvious to one of ordinary skill in the 
art. 

In response to the applicant's arguments that "Anderl et al., Smith and Wright et al. teach 
away from Applicant's use of encryption/decryption with the authorization process", the 
arguments have been fully considered but are not deemed persuasive. Wright et al. clearly 
teaches encryption/decryption during the authorization process in the section cited in the 
rejection so it is not clear how Wright et al. or any disclosure being modified by Wright et al. 
could not only not teach "encryption/decryption with the authorization process" but also teach 
away from it. 

In response to the applicant's arguments that Bapat et al. does not teach elements of 
claims 1 and 6, the arguments have been fully considered but are not deemed persuasive because 
Bapat et al. is used to reject certain elements of claims 7, 10-13, 21, 24-27, 34, 36-38, 45, and 
47-49; and not even mentioned in the 35 U.S.C. 103(a) rejection of claims 1 and 6. 

In response to the applicant's arguments that Bapat et al. does not teach a user having 
access to the permissions table to "3) read all entries of said class table, 4) add entries to said 
class table, and 5) change/delete entries to said class table", the arguments have been fully 
considered but are not deemed persuasive. Bapat et al. teaches having groups of users and 
defining users that are in those groups and actions those groups are permitted to perform. It is 
inherent that one of the groups of users would have to be able to read/write/change/modify/delete 
these lists, "tables", in order to have someone capable of making changes to user group 
definitions. 

In response to the applicant's arguments that Hastings et al. does not teach elements of 
claim 1, the arguments have been fully considered but are not deemed persuasive because 
Hastings et al. is used to reject certain elements of claims 14, 28, 39, and 50; and not even 
mentioned in the 35 U.S.C. 103(a) rejection of claim 1. 

Conclusion 

10. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

11. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jacob F. Betit whose telephone number is (571) 272-4075. The 
examiner can normally be reached on Monday through Friday 9 am to 5 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Dov Popovici can be reached on (571) 272-4083. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



jfb 

11 Apr 2005 




SAM RIMELL 
PRIMARY EXAMINER 



